Register | Log in

intel-microcode

Processor microcode firmware for Intel CPUs

Choose email to subscribe with

general

source: intel-microcode (non-free-firmware)
version: 3.20250211.1
maintainer: Henrique de Moraes Holschuh (DMD)
uploaders: Giacomo Catenazzi [DMD]
arch: amd64 i386 x32
std-ver: 4.1.1
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 3.20220510.1~deb10u1
o-o-sec: 3.20240312.1~deb10u1
oldstable: 3.20240813.1~deb11u1
old-sec: 3.20241112.1~deb11u1
old-bpo: 3.20220207.1~bpo11+1
old-p-u: 3.20240813.1~deb11u1
stable: 3.20241112.1~deb12u1
stable-sec: 3.20231114.1~deb12u1
testing: 3.20250211.1
unstable: 3.20250211.1

versioned links

3.20220207.1~bpo11+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
3.20220510.1~deb10u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
3.20231114.1~deb12u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
3.20240312.1~deb10u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
3.20240813.1~deb11u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
3.20241112.1~deb11u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
3.20241112.1~deb12u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
3.20250211.1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

intel-microcode (14 bugs: 0, 11, 3, 0)

action needed

12 security issues in bullseye high

There are 12 open security issues in bullseye.

12 important issues:

CVE-2023-34440: Improper input validation in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2023-43758: Improper input validation in UEFI firmware for some Intel(R) processors may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2024-24582: Improper input validation in XmlCli feature for UEFI firmware for some Intel(R) processors may allow privileged user to potentially enable escalation of privilege via local access.
CVE-2024-28047: Improper input validation in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.
CVE-2024-28127: Improper input validation in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2024-29214: Improper input validation in UEFI firmware CseVariableStorageSmm for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2024-31068: Improper Finite State Machines (FSMs) in Hardware Logic for some Intel(R) Processors may allow privileged user to potentially enable denial of service via local access.
CVE-2024-31157: Improper initialization in UEFI firmware OutOfBandXML module in some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.
CVE-2024-36293: Improper access control in the EDECCSSA user leaf function for some Intel(R) Processors with Intel(R) SGX may allow an authenticated user to potentially enable denial of service via local access.
CVE-2024-37020: Sequence of processor instructions leads to unexpected behavior in the Intel(R) DSA V1.0 for some Intel(R) Xeon(R) Processors may allow an authenticated user to potentially enable denial of service via local access.
CVE-2024-39279: Insufficient granularity of access control in UEFI firmware in some Intel(R) processors may allow a authenticated user to potentially enable denial of service via local access.
CVE-2024-39355: Improper handling of physical or environmental conditions in some Intel(R) Processors may allow an authenticated user to enable denial of service via local access.

Created: 2025-02-12 Last update: 2025-02-27 05:02

12 low-priority security issues in bookworm low

There are 12 open security issues in bookworm.

12 issues left for the package maintainer to handle:

CVE-2023-34440: (postponed; to be fixed through a stable update) Improper input validation in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2023-43758: (postponed; to be fixed through a stable update) Improper input validation in UEFI firmware for some Intel(R) processors may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2024-24582: (postponed; to be fixed through a stable update) Improper input validation in XmlCli feature for UEFI firmware for some Intel(R) processors may allow privileged user to potentially enable escalation of privilege via local access.
CVE-2024-28047: (postponed; to be fixed through a stable update) Improper input validation in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.
CVE-2024-28127: (postponed; to be fixed through a stable update) Improper input validation in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2024-29214: (postponed; to be fixed through a stable update) Improper input validation in UEFI firmware CseVariableStorageSmm for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2024-31068: (postponed; to be fixed through a stable update) Improper Finite State Machines (FSMs) in Hardware Logic for some Intel(R) Processors may allow privileged user to potentially enable denial of service via local access.
CVE-2024-31157: (postponed; to be fixed through a stable update) Improper initialization in UEFI firmware OutOfBandXML module in some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.
CVE-2024-36293: (postponed; to be fixed through a stable update) Improper access control in the EDECCSSA user leaf function for some Intel(R) Processors with Intel(R) SGX may allow an authenticated user to potentially enable denial of service via local access.
CVE-2024-37020: (postponed; to be fixed through a stable update) Sequence of processor instructions leads to unexpected behavior in the Intel(R) DSA V1.0 for some Intel(R) Xeon(R) Processors may allow an authenticated user to potentially enable denial of service via local access.
CVE-2024-39279: (postponed; to be fixed through a stable update) Insufficient granularity of access control in UEFI firmware in some Intel(R) processors may allow a authenticated user to potentially enable denial of service via local access.
CVE-2024-39355: (postponed; to be fixed through a stable update) Improper handling of physical or environmental conditions in some Intel(R) Processors may allow an authenticated user to enable denial of service via local access.

You can find information about how to handle these issues in the security team's documentation.

Created: 2025-02-12 Last update: 2025-02-27 05:02

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.7.2 instead of 4.1.1).

Created: 2018-01-05 Last update: 2025-02-27 13:25

news

[2025-02-22] intel-microcode 3.20250211.1 MIGRATED to testing (Debian testing watch)
[2025-02-16] Accepted intel-microcode 3.20250211.1 (source) into unstable (Henrique de Moraes Holschuh)
[2024-12-23] Accepted intel-microcode 3.20241112.1~deb11u1 (source) into oldstable-security (Tobias Frost)
[2024-12-18] Accepted intel-microcode 3.20241112.1~deb12u1 (source) into proposed-updates (Debian FTP Masters) (signed by: Henrique de Moraes Holschuh)
[2024-11-24] Accepted intel-microcode 3.20240910.1~deb11u1 (source) into oldstable-security (Tobias Frost)
[2024-11-20] intel-microcode 3.20241112.1 MIGRATED to testing (Debian testing watch)
[2024-11-14] Accepted intel-microcode 3.20241112.1 (source) into unstable (Henrique de Moraes Holschuh)
[2024-11-02] Accepted intel-microcode 3.20240910.1~deb12u1 (source) into proposed-updates (Debian FTP Masters) (signed by: Henrique de Moraes Holschuh)
[2024-09-27] intel-microcode 3.20240910.1 MIGRATED to testing (Debian testing watch)
[2024-09-21] Accepted intel-microcode 3.20240910.1 (source) into unstable (Henrique de Moraes Holschuh)
[2024-08-22] Accepted intel-microcode 3.20240813.1~deb12u1 (source) into proposed-updates (Debian FTP Masters) (signed by: Henrique de Moraes Holschuh)
[2024-08-21] Accepted intel-microcode 3.20240813.1~deb11u1 (source) into oldstable-proposed-updates (Debian FTP Masters) (signed by: Henrique de Moraes Holschuh)
[2024-08-20] intel-microcode 3.20240813.2 MIGRATED to testing (Debian testing watch)
[2024-08-20] intel-microcode 3.20240813.2 MIGRATED to testing (Debian testing watch)
[2024-08-17] Accepted intel-microcode 3.20240813.2 (source) into unstable (Henrique de Moraes Holschuh)
[2024-08-15] Accepted intel-microcode 3.20240813.1 (source) into unstable (Henrique de Moraes Holschuh)
[2024-06-19] intel-microcode 3.20240531.1+nmu1 MIGRATED to testing (Debian testing watch)
[2024-06-13] Accepted intel-microcode 3.20240531.1+nmu1 (source) into unstable (Chris Hofstaedtler) (signed by: Christian Hofstaedtler)
[2024-06-09] Accepted intel-microcode 3.20240514.1~deb11u1 (source) into oldstable-proposed-updates (Debian FTP Masters) (signed by: Henrique de Moraes Holschuh)
[2024-06-09] Accepted intel-microcode 3.20240514.1~deb12u1 (source) into proposed-updates (Debian FTP Masters) (signed by: Henrique de Moraes Holschuh)
[2024-06-07] intel-microcode 3.20240531.1 MIGRATED to testing (Debian testing watch)
[2024-06-01] Accepted intel-microcode 3.20240531.1 (source) into unstable (Henrique de Moraes Holschuh)
[2024-05-22] intel-microcode 3.20240514.1 MIGRATED to testing (Debian testing watch)
[2024-05-17] Accepted intel-microcode 3.20240514.1 (source) into unstable (Henrique de Moraes Holschuh)
[2024-05-12] Accepted intel-microcode 3.20240312.1~deb11u1 (source) into oldstable-proposed-updates (Debian FTP Masters) (signed by: Henrique de Moraes Holschuh)
[2024-05-04] Accepted intel-microcode 3.20240312.1~deb10u1 (source amd64) into oldoldstable (Tobias Frost)
[2024-04-04] Accepted intel-microcode 3.20240312.1~deb12u1 (source) into proposed-updates (Debian FTP Masters) (signed by: Henrique de Moraes Holschuh)
[2024-03-18] intel-microcode 3.20240312.1 MIGRATED to testing (Debian testing watch)
[2024-03-13] Accepted intel-microcode 3.20240312.1 (source) into unstable (Henrique de Moraes Holschuh)
[2023-12-16] Accepted intel-microcode 3.20231114.1~deb10u1 (source amd64) into oldoldstable (Tobias Frost)

1
2

bugs [bug history graph]

all: 16
RC: 0
I&N: 11
M&W: 4
F&P: 1
patch: 0

links

homepage
buildd: logs, checks, cross
popcon
browse source code
edit tags
other distros
security tracker
screenshots
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 3.20250211.1ubuntu1
39 bugs
patches for 3.20250211.1ubuntu1

Debian Package Tracker — Copyright 2013-2025 The Distro Tracker Developers

Report problems to the tracker.debian.org pseudo-package in the Debian BTS.

Documentation — Bugs — Git Repository — Contributing